PT-2017-17233 · Cisco · Cisco Asr 5000 Series Aggregation Services Routers

Published

2017-07-25

Updated

2019-10-03

CVE-2017-6672

CVSS v3.1

7.5

High

Vector

AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

Name of the Vulnerable Software and Affected Versions Cisco ASR 5000 Series Aggregation Services Routers versions prior to 22.x

Description A vulnerability in certain filtering mechanisms of access control lists (ACLs) could allow an unauthenticated, remote attacker to bypass ACL rules that have been configured for an affected device.

Recommendations For Cisco ASR 5000 Series Aggregation Services Routers versions prior to 22.x, update to version 22.x or later to resolve the issue.

Fix

Incorrect Authorization

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-863

Related Identifiers

CVE-2017-6672

Affected Products

Cisco Asr 5000 Series Aggregation Services Routers

PT-2017-17233 · Cisco · Cisco Asr 5000 Series Aggregation Services Routers

CVE-2017-6672

Weakness Enumeration

Related Identifiers

Affected Products

References · 5